A chosen IV attack against Turing

Antoine Joux; Frédéric Muller

Journal ArticleOPEN ACCESS

A chosen IV attack against Turing

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2004) 3006 194-207

DOI: 10.1007/978-3-540-24654-1_14

7Citations

23Readers

Abstract

In this paper, we show that the key scheduling algorithm of the recently proposed stream cipher Turing suffers from important flaws. These weaknesses allow an attacker that chooses the initialization vector (IV) to recover some partial information about the secret key. In particular, when using Turing with a 256-bit secret key and a 128-bit IV, we present an attack that requires the ability to choose 237 IV and then recovers the key with complexity 272, requiring 236 bytes of memory. © Springer-Verlag Berlin Heidelberg 2004.

References Powered by Scopus

View more at Scopus

Cited by Powered by Scopus

View more at Scopus

Cite

CITATION STYLE

APA

Joux, A., & Muller, F. (2004). A chosen IV attack against Turing. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3006, 194–207. https://doi.org/10.1007/978-3-540-24654-1_14

Readers' Seniority

PhD / Post grad / Masters / Doc 15

71%

Professor / Associate Prof. 3

14%

Researcher 2

10%

Lecturer / Post doc 1

Readers' Discipline

Computer Science 18

90%

Physics and Astronomy 1

Mathematics 1

A chosen IV attack against Turing

Abstract

References Powered by Scopus

Correlation-Immunity of Nonlinear Combining Functions for Cryptographic Applications

Weaknesses in the key scheduling algorithm of RC4

Fast correlation attacks on certain stream ciphers

Cited by Powered by Scopus

Cube attacks on tweakable black boxp Polynomials

On the security of IV dependent stream ciphers

Cryptanalysis of loiss stream cipher

Register to see more suggestions

Cite

Readers' Seniority

Readers' Discipline